fix(user_role): Restrict updating user role to the same EntityType #6224

Merged
merged 1 commit into from
Oct 7, 2024

Conversation

ThisIsMani
Contributor

Type of Change

  • Bugfix
  • New feature
  • Enhancement
  • Refactoring
  • Dependency updates
  • Documentation
  • CI/CD

Description

  • Currently, the update user role API allows updating a merchant-level user role to profile level, which should not be possible.

Additional Changes

  • This PR modifies the API contract
  • This PR modifies the database schema
  • This PR modifies application configuration/environment variables

Motivation and Context

Closes #6222.

How did you test it?

curl --location 'http://localhost:8080/user/user/update_role' \
--header 'Authorization: JWT' \
--data-raw '{
    "email": "merchant level user email",
    "role_id": "profile_admin"
}'

This call should throw the following error.

{
    "error": {
        "type": "invalid_request",
        "message": "User Role Operation Not Supported",
        "code": "UR_23"
    }
}

Checklist

  • I formatted the code cargo +nightly fmt --all
  • I addressed lints thrown by cargo clippy
  • I reviewed the submitted code
  • I added unit tests for my changes where possible
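
The invariant this fix enforces, as an added sketch that is not the project's code from `crates/router/src/core/user_role.rs`: a role update is refused unless the new role sits at the same entity level as the user's current role. All type names, the e-mail addresses and every role id except `profile_admin` are constructed for illustration.

```rust
use std::collections::HashMap;

// Hypothetical model; type and field names are illustrative, not the project's.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
pub enum EntityType { Organization, Merchant, Profile }

#[derive(Debug, PartialEq, Eq)]
pub enum UpdateRoleError {
    UserNotFound,
    UnknownRole,
    OperationNotSupported, // what the API reports as "User Role Operation Not Supported" (UR_23)
}

pub struct UserRoles {
    role_entity: HashMap<String, EntityType>, // role_id -> entity level
    assigned: HashMap<String, String>,        // email -> role_id
}

impl UserRoles {
    /// Constructed sample data: role ids other than "profile_admin" are made up.
    pub fn sample() -> Self {
        let roles = [("org_admin", EntityType::Organization), ("merchant_admin", EntityType::Merchant),
            ("merchant_viewer", EntityType::Merchant), ("profile_admin", EntityType::Profile)];
        let users = [("m@example.com", "merchant_viewer"), ("p@example.com", "profile_admin")];
        Self {
            role_entity: roles.iter().map(|(r, e)| (r.to_string(), *e)).collect(),
            assigned: users.iter().map(|(u, r)| (u.to_string(), r.to_string())).collect(),
        }
    }

    /// Change a user's role only if the new role sits at the same entity level.
    pub fn update_role(&mut self, email: &str, new_role: &str) -> Result<(), UpdateRoleError> {
        let current = self.assigned.get(email).ok_or(UpdateRoleError::UserNotFound)?;
        let current_level = *self.role_entity.get(current).ok_or(UpdateRoleError::UnknownRole)?;
        let new_level = *self.role_entity.get(new_role).ok_or(UpdateRoleError::UnknownRole)?;
        if current_level != new_level {
            return Err(UpdateRoleError::OperationNotSupported); // e.g. Merchant -> Profile
        }
        self.assigned.insert(email.to_owned(), new_role.to_owned());
        Ok(())
    }
}

fn main() {
    let mut roles = UserRoles::sample();
    println!("{:?}", roles.update_role("m@example.com", "profile_admin"));
    println!("{:?}", roles.update_role("m@example.com", "merchant_admin"));
}
```

The rejected call leaves the stored assignment untouched, which is the property worth covering in a regression test alongside the error code.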

@ThisIsMani ThisIsMani added C-bug Category: Bug S-waiting-on-review Status: This PR has been implemented and needs to be reviewed A-users Area: Users labels Oct 4, 2024
@ThisIsMani ThisIsMani self-assigned this Oct 4, 2024
@ThisIsMani ThisIsMani requested a review from a team as a code owner October 4, 2024 08:16

semanticdiff-com bot commented Oct 4, 2024

Review changes with SemanticDiff.

Analyzed 1 of 1 files.

Filename Status
✔️ crates/router/src/core/user_role.rs Analyzed

@likhinbopanna likhinbopanna added this pull request to the merge queue Oct 7, 2024
@likhinbopanna likhinbopanna removed the S-waiting-on-review Status: This PR has been implemented and needs to be reviewed label Oct 7, 2024
Merged via the queue into main with commit b499287 Oct 7, 2024
17 checks passed
@likhinbopanna likhinbopanna deleted the update-user-role-fix branch October 7, 2024 14:44
Labels
A-users Area: Users C-bug Category: Bug
Development

Successfully merging this pull request may close these issues.

bug(user_roles): Restrict updating user_roles to the same entity level
4 participants